Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
We have a mobile app that's used by multiple organizations. a feature on the mobile app requires users to upload images to their Dropbox account, all organization have their own Dropbox account.
To make an upload API call to i will need an access token and to get 1 I will be redirected to Dropbox login screen correct? Do I have an option where I can pass the user credentials or API key in the upload API and not need my app to redirect to Dropbox login screen? The mobile app will store the dropbox credentials or API key in the settings.
In order to get an access token for a user, your app must send them through the OAuth app authorization flow.
Your app should never request or handle the user's actual Dropbox credentials (username/password). The Dropbox API does not offer a way for your app to get an access token directly from their credentials or an app key.
Once your app gets an access token via the OAuth app authorization flow though, it can store and re-use the access token for future use without further manual user intervention.
Greg, Thanks for a quick response.
If we have an API that calls the Dropbox API. I will not be using authorization flow right? What will I need to pass for authentication or Authorization then? Will there be a redirection to login screen here?
to clarify, Mobile app calls our API which in turn calls Dropbox API.
Regardless of how your client/server is set up, the end-user will need to be sent through the Dropbox OAuth app authorization flow to authorize the app to access their account. This only needs to be done once per user. Once you have the access token for that user, you supply it in the "Authorization" header as "Bearer ACCESS_TOKEN_HERE" when making Dropbox API calls. I recommend reviewing the OAuth documentation and guide for more information.
Where in your app you implement this is up to you, based on what makes sense for your app. I do recommend using one of the official SDKs, if possible, as they will do a lot of the work for you. (One note though: processing this inside a web view is not allowed; use the system browser.)
Greg, do the APIs support something like "Client credentials grant" which is basically used for machine-to-machine authentication?
No, the Dropbox API only supports the code and implicit grants.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!